﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;

using Library.Bll.Account;

namespace Yeex.Boss.Web.Helper
{
    /// <summary>
    /// 需要有权限才能访问
    /// </summary>
    public class NeedLevelAttribute : NeedLoginAttribute
    {
        /// <summary>
        /// 在过程请求授权时调用。 
        /// </summary>
        /// <param name="filterContext">对象包括控制器、HTTP 上下文、请求上下文、操作结果和路由数据。</param>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            base.OnAuthorization(filterContext);

            string controllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
            string actionName = filterContext.ActionDescriptor.ActionName;
            long operateLevel = FunctionBLL.GetOperateLevel(controllerName, actionName);
            if (operateLevel <= 0)
            {
                FormsAuthentication.SignOut();
                HttpContext.Current.Response.Clear();
                HttpContext.Current.Response.Write("<h1>您无权操作该功能！</h1>");
                HttpContext.Current.Response.End();
                filterContext.Result = new EmptyResult();
            }
        }
    }
}